NIST seeks cybersecurity support

On March 25, the National Institute of Standards and Technology (NIST) posted a sources sought notice for Cybersecurity and Privacy Support Services (CAPSS). Responses are due by 11:00 a.m. Eastern on April 15.

NIST is responsible for developing standards and Special Publications, including minimum requirements, that provide adequate information security for all agency operations and assets, but such standards and Special Publications shall not apply to national security systems. With a new and re-energized national emphasis on information security, the NIST Information Technology Laboratory’s (ITL) Computer Security Division (CSD) is uniquely positioned to ensure that new technology initiatives are selected, deployed, and operated in a manner that does not increase the risk to organizational missions, individuals, and the Nation.

CSD conducts research and development in cybersecurity management and assurance, cryptography and systems security, identity management, and emerging cybersecurity technologies. CSD plays a vital role in both national and international cybersecurity standard setting. CSD also provides reference specifications in multiple areas, allowing others to leverage the Division’s work to increase the security of their systems and products.

NIST is contemplating the issuance of an Indefinite-Delivery, Indefinite-Quantity (IDIQ) type contract to gain technical expertise and consultation in multiple specified areas of cyber and information security and privacy to ensure that the NIST mission can be met to “provide standards, technology, tools, and practices to protect our nation’s information and information systems.”

NIST expects the requirements of its mission to expand and anticipates the need for support in meeting these requirements. The support needed to ensure a successful mission ranges from internal programmatic support to technical expertise and research consulting in a wide range of cyber and information security areas. It is also anticipated that CSD will need support with outreach efforts of various kinds.

The intended outcome is for NIST to have the ability to ensure that support is available when needed for specific tasks, as they are identified through internal requirement and resource evaluation, so NIST can accomplish its mission, meet higher organizational expectations, and provide cyber and information security mechanisms to reduce the risks to organizations, individuals, and the Nation.

NIST is seeking information on contractors who can provide cybersecurity research, development and implementation support services and subject matter expertise within the specific task areas.

Full information is available here.

Source: SAM